Merge branch 'selhorn-trouble-duo' into 'master'

Moving troubleshooting to its own page See merge request https://gitlab.com/gitlab-org/gitlab/-/merge_requests/175440 Merged-by: Gary Holtz <gholtz@gitlab.com> Approved-by: Amy Qualls <aqualls@gitlab.com> Approved-by: Gary Holtz <gholtz@gitlab.com> Reviewed-by: Sacha Guyon <sguyon@gitlab.com> Co-authored-by: Suzanne Selhorn <sselhorn@gitlab.com>

Merge branch 'selhorn-trouble-duo' into 'master'
761045d6 · Gary Holtz · GitLab · 8995cfec · 84a3332d · 761045d6
--- a/doc/install/install_ai_gateway.md
+++ b/doc/install/install_ai_gateway.md
@@ -188,3 +188,13 @@ Ensure that:
 If access issues persist, check that authentication is correctly configured, and that the health check passes.

 In case of persistent issues, the error message may suggest bypassing authentication with `AIGW_AUTH__BYPASS_EXTERNAL=true`, but only do this for troubleshooting.
+
+You can also run a [health check](../user/gitlab_duo/setup.md#run-a-health-check-for-gitlab-duo) by going to **Admin > GitLab Duo**.
+
+Here are the list of test performed for offline environments:
+
+| Test | Description |
+|-----------------|-------------|
+| Network | Tests whether: <br>- The environment variable `AI_GATEWAY_URL` has been set to a valid URL.<br> - Your instance can connect to the URL specified by `AI_GATEWAY_URL`.<br><br>If your instance cannot connect to the URL, ensure that your firewall or proxy server settings [allow connection](../user/gitlab_duo/setup.md). |
+| License | Tests whether your license has the ability to access Code Suggestions feature. |
+| System exchange | Tests whether Code Suggestions can be used in your instance. If the system exchange assessment fails, users might not be able to use GitLab Duo features. |
--- a/doc/user/get_started/getting_started_gitlab_duo.md
+++ b/doc/user/get_started/getting_started_gitlab_duo.md
@@ -32,7 +32,7 @@ For more information, see:
 - [Features included in Duo Pro and Duo Enterprise](https://about.gitlab.com/gitlab-duo/#pricing).
 - [List of GitLab Duo features and their language models](../gitlab_duo/index.md).
 - [Self-hosted models](../../administration/self_hosted_models/index.md).
- [Health check details](../gitlab_duo/turn_on_off.md#run-a-health-check-for-gitlab-duo).
+- [Health check details](../gitlab_duo/setup.md#run-a-health-check-for-gitlab-duo).

 ## Step 2: Try Duo Chat in the UI


--- a/doc/user/gitlab_duo/setup.md
+++ b/doc/user/gitlab_duo/setup.md
+---
+stage: AI-powered
+group: AI Framework
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
+---
+
+# Configure GitLab Duo on a self-managed instance
+
+DETAILS:
+**Offering:** Self-managed, GitLab Dedicated
+**Tier:** Premium, Ultimate
+
+GitLab Duo is powered by large language models (LLMs), with data sent through an AI gateway.
+To use GitLab Duo on a self-managed instance, you can:
+
+1. Use the LLMs and the cloud-based AI gateway that's hosted by GitLab. This is the default option.
+1. [Use LLMs from the supported list and self-host the AI gateway and LLMs](../../administration/self_hosted_models/index.md).
+   This option provides full control over your data and security.
+
+This page focuses on how to configure a self-managed instance if you're using the default, GitLab-hosted option.
+
+## Prerequisites
+
+- You must ensure both [outbound](#allow-outbound-connections-from-the-gitlab-instance)
+  and [inbound](#allow-inbound-connections-from-clients-to-the-gitlab-instance) connectivity exists.
+  Network firewalls can cause lag or delay.
+- [Silent Mode](../../administration/silent_mode/index.md) must not be turned on.
+- You must [activate your instance with an activation code](../../administration/license.md#activate-gitlab-ee).
+- GitLab Duo requires GitLab 17.2 and later for the best user experience and results. Earlier versions may continue to work, however the experience may be degraded.
+
+GitLab Duo features that are experimental or beta are turned off by default
+and [must be turned on](turn_on_off.md#turn-on-beta-and-experimental-features).
+
+## Allow outbound connections from the GitLab instance
+
+ Check both your outbound and inbound settings:
+
+- Your firewalls and HTTP/S proxy servers must allow outbound connections
+  to `cloud.gitlab.com` and `customers.gitlab.com` on port `443` both with `https://`.
+  These hosts are protected by Cloudflare. Update your firewall settings to allow traffic to
+  all IP addresses in the [list of IP ranges Cloudflare publishes](https://www.cloudflare.com/ips/).
+- To use an HTTP/S proxy, both `gitLab_workhorse` and `gitLab_rails` must have the necessary
+  [web proxy environment variables](https://docs.gitlab.com/omnibus/settings/environment-variables.html) set.
+- In multi-node GitLab installations, configure the HTTP/S proxy on all **Rails** and **Sidekiq** nodes.
+
+## Allow inbound connections from clients to the GitLab instance
+
+- GitLab instances must allow inbound connections from Duo clients ([IDEs](../../editor_extensions/index.md),
+  Code Editors, and GitLab Web Frontend) on port 443 with `https://` and `wss://`.
+- Both `HTTP2` and the `'upgrade'` header must be allowed, because GitLab Duo
+  uses both REST and WebSockets.
+- Check for restrictions on WebSocket (`wss://`) traffic to `wss://gitlab.example.com/-/cable` and other `.com` domains.
+  Network policy restrictions on `wss://` traffic can cause issues with some GitLab Duo Chat
+  services. Consider policy updates to allow these services.
+- If you use reverse proxies, such as Apache, you might see GitLab Duo Chat connection issues in your logs, like **WebSocket connection to .... failures**.
+
+To resolve this problem, try editing your Apache proxy settings:
+
+```apache
+# Enable WebSocket reverse Proxy
+# Needs proxy_wstunnel enabled
+  RewriteCond %{HTTP:Upgrade} websocket [NC]
+  RewriteCond %{HTTP:Connection} upgrade [NC]
+  RewriteRule ^/?(.*) "ws://127.0.0.1:8181/$1" [P,L]
+```
+
+## Run a health check for GitLab Duo
+
+DETAILS:
+**Status:** Beta
+
+> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/161997) in GitLab 17.3.
+> - [Download health check report added](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/165032) in GitLab 17.5.
+
+You can determine if your instance meets the requirements to use GitLab Duo.
+When the health check completes, it displays a pass or fail result and the types of issues.
+If the health check fails any of the tests, users might not be able to use GitLab Duo features in your instance.
+
+This is a [beta](../../policy/development_stages_support.md) feature.
+
+Prerequisites:
+
+- You must be an administrator.
+
+To run a health check:
+
+1. On the left sidebar, at the bottom, select **Admin**.
+1. Select **GitLab Duo**.
+1. On the upper-right corner, select **Run health check**.
+1. Optional. In GitLab 17.5 and later, after the health check is complete, you can select **Download report** to save a detailed report of the health check results.
+
+Here is the list of tests performed: 
+
+| Test | Description |
+|-----------------|-------------|
+| Network | Tests whether your instance can connect to `customers.gitlab.com` and `cloud.gitlab.com`.<br><br>If your instance cannot connect to either destination, ensure that your firewall or proxy server settings [allow connection](setup.md). |
+| Synchronization | Tests whether your subscription: <br>- Has been activated with an activation code and can be synchronized with `customers.gitlab.com`.<br>- Has correct access credentials.<br>- Has been synchronized recently. If it hasn't or the access credentials are missing or expired, you can [manually synchronize](../../subscriptions/self_managed/index.md#manually-synchronize-subscription-data) your subscription data. |
+| System exchange | Tests whether Code Suggestions can be used in your instance. If the system exchange assessment fails, users might not be able to use GitLab Duo features. |
--- a/doc/user/gitlab_duo/troubleshooting.md
+++ b/doc/user/gitlab_duo/troubleshooting.md
+---
+stage: AI-powered
+group: AI Framework
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
+---
+
+# Troubleshooting GitLab Duo
+
+When working with GitLab Duo, you might encounter issues.
+
+Start by [running a health check](setup.md#run-a-health-check-for-gitlab-duo)
+to determine if your instance meets the requirements to use GitLab Duo.
+
+If the health check does not resolve your problem, review these troubleshooting steps.
+
+## GitLab Duo features do not work on self-managed
+
+In addition to [ensuring GitLab Duo features are turned on](turn_on_off.md),
+you can also do the following:
+
+1. As administrator, run a health check for GitLab Duo.
+
+   ::Tabs
+
+   :::TabTitle In 17.5 and later
+
+   In GitLab 17.5 and later, you can use the UI to run health checks and download a detailed report that helps identify and troubleshoot issues.
+
+   :::TabTitle In 17.4
+
+   In GitLab 17.4, you can run the health check Rake task to generate a detailed report that helps identify and troubleshoot issues.
+
+   ```shell
+   sudo gitlab-rails 'cloud_connector:health_check(root,report.json)'
+   ```
+
+   :::TabTitle In 17.3 and earlier
+
+   In GitLab 17.3 and earlier, you can download and run the `health_check` script to generate a detailed report that helps identify and troubleshoot issues.
+
+   1. Download the health check script:
+
+      ```shell
+      wget https://gitlab.com/gitlab-org/gitlab/-/snippets/3734617/raw/main/health_check.rb
+      ```
+
+   1. Run the script using Rails Runner:
+
+      ```shell
+      gitlab-rails runner [full_path/to/health_check.rb] --debug --username [username] --output-file [report.txt]
+      ```
+
+       ```shell
+       Usage: gitlab-rails runner full_path/to/health_check.rb
+              --debug                Enable debug mode
+              --output-file FILE     Write a report to FILE
+              --username USERNAME    Provide a username to test seat assignments
+              --skip [CHECK]         Skip specific check (options: access_data, token, license, host, features, end_to_end)
+       ```
+
+   ::EndTabs
+
+1. Verify that the GitLab instance can reach the [required GitLab.com endpoints](setup.md).
+   You can use command-line tools such as `curl` to verify the connectivity.
+
+    ```shell
+    curl --verbose "https://cloud.gitlab.com"
+
+    curl --verbose "https://customers.gitlab.com"
+    ```
+
+    If an HTTP/S proxy is configured for the GitLab instance, include the `proxy` parameter in the `curl` command.
+
+    ```shell
+    # https proxy for curl
+    curl --verbose --proxy "http://USERNAME:PASSWORD@example.com:8080" "https://cloud.gitlab.com"
+    curl --verbose --proxy "http://USERNAME:PASSWORD@example.com:8080" "https://customers.gitlab.com"
+    ```
+
+1. Optional. If you are using a [proxy server](setup.md#allow-outbound-connections-from-the-gitlab-instance) between the GitLab
+   application and the public internet,
+   [disable DNS rebinding protection](../../security/webhooks.md#enforce-dns-rebinding-attack-protection).
+
+1. [Manually synchronize subscription data](../../subscriptions/self_managed/index.md#manually-synchronize-subscription-data).
+   - Verify that the GitLab instance [synchronizes your subscription data with GitLab](https://about.gitlab.com/pricing/licensing-faq/cloud-licensing/).
+
+## GitLab Duo features not available for users
+
+In addition to [turning on GitLab Duo features](turn_on_off.md),
+you can also do the following:
+
+1. Verify that [subscription seats have been purchased](../../subscriptions/subscription-add-ons.md#purchase-gitlab-duo).
+1. Ensure that [seats are assigned to users](../../subscriptions/subscription-add-ons.md#assign-gitlab-duo-seats).
+1. For IDE users with the [GitLab Duo extension](../../user/project/repository/code_suggestions/supported_extensions.md#supported-editor-extensions):
+   - Verify that the extension is up-to-date.
+   - Run extension setting health checks, and test the authentication.
--- a/doc/user/gitlab_duo/turn_on_off.md
+++ b/doc/user/gitlab_duo/turn_on_off.md
@@ -11,106 +11,11 @@ info: To determine the technical writer assigned to the Stage/Group associated w

 GitLab Duo features that are generally available are automatically turned on for all users that have access.

-## Prerequisites
-
- If you have self-managed GitLab:
-  - You must [allow connectivity](#configure-gitlab-duo-on-a-self-managed-instance).
-  - [Silent Mode](../../administration/silent_mode/index.md) must not be turned on.
-  - You must [activate your instance with an activation code](../../administration/license.md#activate-gitlab-ee).
-  - GitLab Duo requires GitLab 17.2 and later for the best user experience and results. Earlier versions may continue to work, however the experience may be degraded.
- If you have GitLab Dedicated, you must have [GitLab Duo Pro or Enterprise](../../subscriptions/subscription-add-ons.md).
+- You must have an [GitLab Duo Pro or Enterprise add-on subscription](../../subscriptions/subscription-add-ons.md).
 - For some generally available features, like [Code Suggestions](../project/repository/code_suggestions/index.md),
-  [you must assign seats](../../subscriptions/subscription-add-ons.md#assign-gitlab-duo-seats)
+  [you must also assign seats](../../subscriptions/subscription-add-ons.md#assign-gitlab-duo-seats)
  to the users you want to have access.

-GitLab Duo features that are experimental or beta are turned off by default
-and [must be turned on](#turn-on-beta-and-experimental-features).
-
-## Configure GitLab Duo on a self-managed instance
-
-To use GitLab Duo on a self-managed instance, you must ensure both outbound and inbound connectivity exists.
-
-For example, network firewalls can cause lag or delay. Check both your outbound and inbound settings:
-
-### Allow outbound connections from the GitLab instance
-
- Your firewalls and HTTP/S proxy servers must allow outbound connections
-  to `cloud.gitlab.com` and `customers.gitlab.com` on port `443` both with `https://`.
-  These hosts are protected by Cloudflare. Update your firewall settings to allow traffic to
-  all IP addresses in the [list of IP ranges Cloudflare publishes](https://www.cloudflare.com/ips/).
- To use an HTTP/S proxy, both `gitLab_workhorse` and `gitLab_rails` must have the necessary
-  [web proxy environment variables](https://docs.gitlab.com/omnibus/settings/environment-variables.html) set.
- In multi-node GitLab installations, configure the HTTP/S proxy on all **Rails** and **Sidekiq** nodes.
-
-### Allow inbound connections from clients to the GitLab instance
-
- GitLab instances must allow inbound connections from Duo clients ([IDEs](../../editor_extensions/index.md),
-  Code Editors, and GitLab Web Frontend) on port 443 with `https://` and `wss://`.
- Both `HTTP2` and the `'upgrade'` header must be allowed, because GitLab Duo
-  uses both REST and WebSockets.
- Check for restrictions on WebSocket (`wss://`) traffic to `wss://gitlab.example.com/-/cable` and other `.com` domains.
-  Network policy restrictions on `wss://` traffic can cause issues with some GitLab Duo Chat
-  services. Consider policy updates to allow these services.
- If you use reverse proxies, such as Apache, you might see GitLab Duo Chat connection issues in your logs, like **WebSocket connection to .... failures**.
-
-To resolve this problem, try editing your Apache proxy settings:
-
-```apache
-# Enable WebSocket reverse Proxy
-# Needs proxy_wstunnel enabled
-  RewriteCond %{HTTP:Upgrade} websocket [NC]
-  RewriteCond %{HTTP:Connection} upgrade [NC]
-  RewriteRule ^/?(.*) "ws://127.0.0.1:8181/$1" [P,L]
-```
-
-## Run a health check for GitLab Duo
-
-DETAILS:
-**Offering:** Self-managed, GitLab Dedicated
-**Tier:** Premium, Ultimate
-**Status:** Beta
-
-> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/161997) in GitLab 17.3.
-> - [Download health check report added](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/165032) in GitLab 17.5.
-
-Run a health check to test if your instance meets the requirements to use GitLab Duo.
-When the health check completes, it displays a pass or fail result and the types of issues.
-If the health check fails any of the tests, users might not be able to use GitLab Duo features in your instance.
-
-This is a [beta](../../policy/development_stages_support.md) feature.
-
-Prerequisites:
-
- You must be an administrator.
-
-To run a health check:
-
-1. On the left sidebar, at the bottom, select **Admin**.
-1. Select **GitLab Duo**.
-1. On the upper-right corner, select **Run health check**.
-1. Optional. In GitLab 17.5 and later, after the health check is complete, you can select **Download report** to save a detailed report of the health check results.
-
-### Health check tests
-
-To verify if your instance meets the requirements to use GitLab Duo, the health check performs tests
-for online and offline environments.
-
-#### For online environments
-
-| Test | Description |
-|-----------------|-------------|
-| Network | Tests whether your instance can connect to `customers.gitlab.com` and `cloud.gitlab.com`.<br><br>If your instance cannot connect to either destination, ensure that your firewall or proxy server settings [allow connection](#configure-gitlab-duo-on-a-self-managed-instance). |
-| Synchronization | Tests whether your subscription: <br>- Has been activated with an activation code and can be synchronized with `customers.gitlab.com`.<br>- Has correct access credentials.<br>- Has been synchronized recently. If it hasn't or the access credentials are missing or expired, you can [manually synchronize](../../subscriptions/self_managed/index.md#manually-synchronize-subscription-data) your subscription data. |
-| System exchange | Tests whether Code Suggestions can be used in your instance. If the system exchange assessment fails, users might not be able to use GitLab Duo features. |
-
-#### For offline environments
-
-| Test | Description |
-|-----------------|-------------|
-| Network | Tests whether: <br>- The environment variable `AI_GATEWAY_URL` has been set to a valid URL.<br> - Your instance can connect to the URL specified by `AI_GATEWAY_URL`.<br><br>If your instance cannot connect to the URL, ensure that your firewall or proxy server settings [allow connection](#configure-gitlab-duo-on-a-self-managed-instance). |
-| License | Tests whether your license has the ability to access Code Suggestions feature. |
-| System exchange | Tests whether Code Suggestions can be used in your instance. If the system exchange assessment fails, users might not be able to use GitLab Duo features. |
-
 ## Turn off GitLab Duo features

 You can turn off GitLab Duo for a group, project, or instance.
@@ -259,6 +164,12 @@ To turn off GitLab Duo for an instance:

 In GitLab 17.3 and earlier, follow these instructions to turn off GitLab Duo for an instance.

+Prerequisites:
+
+- You must be an administrator.
+
+To turn off GitLab Duo for an instance:
+
 1. On the left sidebar, at the bottom, select **Admin**.
 1. Select **Settings > General**
 1. Expand **AI-powered features**.
@@ -346,87 +257,3 @@ where GitLab Duo Chat is not yet generally available, see the
 [GitLab Duo Chat documentation](../gitlab_duo_chat/turn_on_off.md#for-self-managed).

 ::EndTabs
-
-## Troubleshooting
-
-### GitLab Duo features do not work on self-managed
-
-In addition to [turning on GitLab Duo features](turn_on_off.md#prerequisites),
-you can also do the following:
-
-1. As administrator, [run a health check for GitLab Duo](#run-a-health-check-for-gitlab-duo).
-
-   ::Tabs
-
-   :::TabTitle In 17.5 and later
-
-   In GitLab 17.5 and later, you can use the UI to run health checks and download a detailed report that helps identify and troubleshoot issues.
-
-   :::TabTitle In 17.4
-
-   In GitLab 17.4, you can run the health check Rake task to generate a detailed report that helps identify and troubleshoot issues.
-
-   ```shell
-   sudo gitlab-rails 'cloud_connector:health_check(root,report.json)'
-   ```
-
-   :::TabTitle In 17.3 and earlier
-
-   In GitLab 17.3 and earlier, you can download and run the `health_check` script to generate a detailed report that helps identify and troubleshoot issues.
-
-   1. Download the health check script:
-
-      ```shell
-      wget https://gitlab.com/gitlab-org/gitlab/-/snippets/3734617/raw/main/health_check.rb
-      ```
-
-   1. Run the script using Rails Runner:
-
-      ```shell
-      gitlab-rails runner [full_path/to/health_check.rb] --debug --username [username] --output-file [report.txt]
-      ```
-
-       ```shell
-       Usage: gitlab-rails runner full_path/to/health_check.rb
-              --debug                Enable debug mode
-              --output-file FILE     Write a report to FILE
-              --username USERNAME    Provide a username to test seat assignments
-              --skip [CHECK]         Skip specific check (options: access_data, token, license, host, features, end_to_end)
-       ```
-
-   ::EndTabs
-
-1. Verify that the GitLab instance can reach the [required GitLab.com endpoints](#configure-gitlab-duo-on-a-self-managed-instance).
-   You can use command-line tools such as `curl` to verify the connectivity.
-
-    ```shell
-    curl --verbose "https://cloud.gitlab.com"
-
-    curl --verbose "https://customers.gitlab.com"
-    ```
-
-    If an HTTP/S proxy is configured for the GitLab instance, include the `proxy` parameter in the `curl` command.
-
-    ```shell
-    # https proxy for curl
-    curl --verbose --proxy "http://USERNAME:PASSWORD@example.com:8080" "https://cloud.gitlab.com"
-    curl --verbose --proxy "http://USERNAME:PASSWORD@example.com:8080" "https://customers.gitlab.com"
-    ```
-
-1. Optional. If you are using a [proxy server](#allow-outbound-connections-from-the-gitlab-instance) between the GitLab
-   application and the public internet,
-   [disable DNS rebinding protection](../../security/webhooks.md#enforce-dns-rebinding-attack-protection).
-
-1. [Manually synchronize subscription data](../../subscriptions/self_managed/index.md#manually-synchronize-subscription-data).
-   - Verify that the GitLab instance [synchronizes your subscription data with GitLab](https://about.gitlab.com/pricing/licensing-faq/cloud-licensing/).
-
-### GitLab Duo features not available for users
-
-In addition to [turning on GitLab Duo features](turn_on_off.md#prerequisites),
-you can also do the following:
-
-1. Verify that [subscription seats have been purchased](../../subscriptions/subscription-add-ons.md#purchase-gitlab-duo).
-1. Ensure that [seats are assigned to users](../../subscriptions/subscription-add-ons.md#assign-gitlab-duo-seats).
-1. For IDE users with the [GitLab Duo extension](../../user/project/repository/code_suggestions/supported_extensions.md#supported-editor-extensions):
-   - Verify that the extension is up-to-date.
-   - Run extension setting health checks, and test the authentication.
--- a/doc/user/gitlab_duo_chat/turn_on_off.md
+++ b/doc/user/gitlab_duo_chat/turn_on_off.md
@@ -27,7 +27,7 @@ Prerequisites:
 - GitLab Duo requires GitLab 17.2 and later for the best user experience and results. Earlier versions may continue to work, however the experience may be degraded.
 - You must have a Premium or Ultimate subscription that is [synchronized with GitLab](https://about.gitlab.com/pricing/licensing-faq/cloud-licensing/). To make sure GitLab Duo Chat works immediately, administrators can
  [manually synchronize your subscription](#manually-synchronize-your-subscription).
- You must have [enabled network connectivity](../gitlab_duo/turn_on_off.md#configure-gitlab-duo-on-a-self-managed-instance).
+- You must have [enabled network connectivity](../gitlab_duo/setup.md).
 - [Silent Mode](../../administration/silent_mode/index.md) must not be turned on.
 - All of the users in your instance must have the latest version of their IDE extension.


--- a/ee/app/views/gitlab_subscriptions/duo_seat_assignment_mailer/duo_enterprise_email.html.haml
+++ b/ee/app/views/gitlab_subscriptions/duo_seat_assignment_mailer/duo_enterprise_email.html.haml
@@ -35,7 +35,7 @@

              %tr
                %td{ align: "left", style: "padding: 10px 40px 30px 40px; font-family: 'Source Sans Pro', helvetica, arial, sans-serif; color: #ffffff;" }
-                  %a{ href: help_page_url('user/gitlab_duo/turn_on_off.md', anchor: 'configure-gitlab-duo-on-a-self-managed-instance'), style: "font-weight: bold; font-family: 'Source Sans Pro', helvetica, arial, sans-serif; color: #ffffff; text-decoration: none; border-radius: 3px;  border-top: 10px solid #7759c2; border-bottom: 10px solid #7759c2; border-right: 25px solid #7759c2; border-left: 25px solid #7759c2; background-color: #7759c2; display: inline-block;", target: "_blank", rel: "noopener noreferrer nofollow" }
+                  %a{ href: help_page_url('user/gitlab_duo/setup.md'), style: "font-weight: bold; font-family: 'Source Sans Pro', helvetica, arial, sans-serif; color: #ffffff; text-decoration: none; border-radius: 3px;  border-top: 10px solid #7759c2; border-bottom: 10px solid #7759c2; border-right: 25px solid #7759c2; border-left: 25px solid #7759c2; background-color: #7759c2; display: inline-block;", target: "_blank", rel: "noopener noreferrer nofollow" }
                    = _('Get started')
                  %p{ style: "padding-left: 10px; font-size: 12px;" }
                    = safe_format(s_('DuoEnterprise|Need help enabling features? Check to make sure an administrator has %{link_start}configured GitLab Duo on your instance%{link_end}.'), tag_pair(click_through_demo_link, :link_start, :link_end))